Instagram uses the standard oauth authentication flow in order to allow apps to act on
a user's behalf. Therefore, the API provides two convenience methods to help
you authenticate your users. The first, get_authorization_url, can be used
to redirect an unauthenticated user to the instagram login screen based on a
redirect_uri string and an optional options object containing
an optional scope array and an optional state string. The
second method, authorize_user, can be used to retrieve and set an access token
for a user, allowing your app to act fully on his/her behalf. This method takes
three parameters: a response_code which is sent as a GET parameter once a
user has authorized your app and instagram has redirected them back to your
authorization redirect URI, a redirect_uri which is the same one
supplied to get_authorization_url, and a callback that takes
two parameters err and result. err will be populated if and
only if the request to authenticate the user has failed for some reason.
Otherwise, it will be null and response will be populated with a
JSON object representing Instagram's confirmation reponse that the user is
indeed authorized. See instagram's authentication
documentation for more information.

Below is an example of how one might authenticate a user within an ExpressJS app.

Subscriptions are callbacks from Instagram to your app when new things happen. They should be web-accessable, and return req.query['hub.challenge'] on GET. Read more here. After you subscribe, Instagram will calllback your web URL whenever a new post, user action, etc happens.

When you use functions like user_media_recent or tag_media_recent, you will get a pagination object in your callback. This object
is basically the same that Instagram would give you but there will be a next() function that let you retrieve next results without caring about anything.